Skip to content

FFI trampoline boxing of large ffi.Pointer results is not GC-safe #36155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
sjindel-google opened this issue Mar 8, 2019 · 0 comments
Closed

FFI trampoline boxing of large ffi.Pointer results is not GC-safe #36155

sjindel-google opened this issue Mar 8, 2019 · 0 comments
Assignees
@sjindel-google
Labels
area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends.

Comments

@sjindel-google
Copy link
Contributor

The objects in the frame of an FFI trampoline are not scanned by the GC.
However, when allocating a Pointer object to hold the box of a non-Smi-fitting return value, the box is not protected, and the Pointer object created can hold a dangling reference.

This would lead to a crash.
@sjindel-google sjindel-google self-assigned this Mar 8, 2019
@sjindel-google sjindel-google added this to the Dart VM FFI 1.0 milestone Mar 8, 2019
@a-siva a-siva added the area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. label Mar 8, 2019
@mit-mit mit-mit removed this from the Dart VM FFI 1.0 milestone Mar 11, 2019
@sjindel-google sjindel-google mentioned this issue Mar 12, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjindel-google sjindel-google

Labels
area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@a-siva @mit-mit @sjindel-google